From fd6a6ef194d7dbfbb7993ab3ce52e3cb5b21f0fc Mon Sep 17 00:00:00 2001 From: Patrick Peng Sun Date: Mon, 24 Apr 2017 04:31:15 +1000 Subject: [PATCH] access token also using config parameter --- accessToken.go | 2 +- main.go | 8 ++++---- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/accessToken.go b/accessToken.go index 66d13a5..b9186ab 100644 --- a/accessToken.go +++ b/accessToken.go @@ -61,7 +61,7 @@ func readTokenFromFile(path string) (authToken, error) { //issue web request to get token from wechat func renewAuthtoken() (authToken, error) { //url := "http://vimeo.com/api/v2/brad/info.json" - url := "https://api.weixin.qq.com/cgi-bin/token?grant_type=client_credential&appid=wx876e233fde456b7b&secret=4a91aa328569b10a9fb97adeb8b0af58" + url := fmt.Sprintf("https://api.weixin.qq.com/cgi-bin/token?grant_type=client_credential&appid=%s&secret=%s", APIConfig.Appid, APIConfig.AppSecret) var myClient = &http.Client{Timeout: 20 * time.Second} r, err := myClient.Get(url) if err != nil { diff --git a/main.go b/main.go index 6cc9fb7..8788c1a 100644 --- a/main.go +++ b/main.go @@ -72,16 +72,16 @@ func checkSignature(r *http.Request) bool { nonce, nok := m["nonce"] token := APIConfig.Token if sok && tok && nok { - + //sort token, timestamp, nonce and join them strs := []string{token, timestamp[0], nonce[0]} - sort.Strings(strs) s := strings.Join(strs, "") + //calculate sha1 h := sha1.New() h.Write([]byte(s)) - us := fmt.Sprintf("%x", h.Sum(nil)) - return signature[0] == us + calculated := fmt.Sprintf("%x", h.Sum(nil)) + return signature[0] == calculated } return false }